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DETAILED ACTION 

1 . Claims 1-21 are pending. 

•J 

Drawings 

2. The drawings are objected to as failing to comply with 37 CFR 1 .84(p)(5) because they do not 
include the following reference sign(s) mentioned in the description: (The specification includes 
number 10 to show the device on the drawing but the drawing doesn't include this sign), Corrected 
drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid 
abandonment of the application. Any amended replacement drawing sheet should include all of the 
figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. 
Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as 
either "Replacement Sheet" or "New Sheet" pursuant to 37 CFR 1.121(d). If the changes are not . 
accepted by the examiner, the applicant will be notified and informed of any required corrective action in 
the next Office action. The objection to the drawings will not be held in abeyance. 

Specification 

3. The disclosure is objected to because of the following informalities: The device 10 is not on the 
drawing. Appropriate correction is required. 

Claim Objections 

4. Claims 3 and 14 are objected to because of the following informalities: the short form ROM 
should be write as READ-ONLY MEMORY (ROM) at least one time. Appropriate correction is required. 

5. Claims 4 and 1 5 are objected to because of the following informalities: the short form EEPROM 
should be write as ELECTRICALLY ERASABLE PROGRAMMABLE READ-ONLY MEMORY 
(EEPROM) at least one time. Appropriate correction is required. 
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Claim Rejections - 35 USC § 102 



6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for 
the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(bj the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

7. Claims 1-5, 7-10, 12-19 and 21 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Hoornaert et al (Hoornaert), US Pub. 2001/0054148. 

As per claim 1 , Hoornaert discloses: 

- A multi-purpose authentication device, comprising: (page 1, paragraph 13, "To satisfy this 
demand for an easily manufactured and distributable smart card technology the invention provides a field 
programmable user authentication device, electronic token, or token device"). 

- a main memory; a processor coupled to access the main memory; (page 1, paragraph 8, 
"Smart cards often contain their data stored by means of magnetic storage (a "swipe strip" or "mag • 
stripe") or in a read-only memory (ROM) or random access memory (RAM), and usually include either 
a central processing unit (CPU) or a stored set of instruction in order to provide some degree of 
intelligence"). 

- an access code generating means located in the processor for generating a one-time access 
code associated with a single user's identity, (page 3, paragraph 36, "From then on the terminal (now 
more correctly considered an electronic token device) can be used for a variety of secure applications. 
For example, it can be used to log-on remotely to computer networks, to generate one-time passwords, 
accept challenge messages and calculate responses and even generate MAC (media access control) 
signatures over messages. 
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- correlating authentication protocols with the access codes stored in the memory, (page 
7, paragraph 92, "The derived keys may be compared (step 202) to ensure user 
authentication(siep204)") and (page 7, paragraph 94, "If this value is a value known by the service 
provider (step 220), they can derive the same token device key and store that in his database (step 
222) to authenticate a user") 

- communicating the authentication of the user's access to an external protected resource, 
(page 2, paragraph 18, "In one embodiment, the invention comprises a field programmable electronic 
smart card terminal for allowing secure communication between a user and a host service, service 
provider, or application provided by a service provider") 

- an independent power source operationally connected to the processor. (Page 6, paragraph 
70, " In non-connected mode the token device works by getting power from the internal batteries 
158"). According to the invention, an independent power source 14 is a battery. 

- a communications controller for interfacing to an external processing device, (page 2, 
paragraph 18, "In one embodiment, the invention comprises a field programmable electronic smart card 
terminal for allowing secure communication between a user and a host service, service provider, or 
application provided by a service provider") 

As per claim 2, Hoornaert discloses: 

- The device of Claim 1 , further comprising a smart card coupled to the processor through a 
controller for generating cryptographic keys, for performing encryption, decryption and signing of 
the single user for gaining access to the external protected resource. (Page 6, paragraph 67, "The 
token device can interoperate with other special cards. Once in connected monde the token device can 
be designed to work with Java cards, and with smart cards with cryptographic co-processor such as 
RSA cards"). Further hoornaert disclosed, (Abstract, line 4-7, "The combination of token device and 
smart card may then be used for a variety of application that include user authentication, secure 
access, encryption"). 



Application/Control Number: 10/777,626 Page 5 

Art Unit: 2109 

As per claim 3, Hoornaert discloses: 

-The device of Claim 2, wherein said smart card is provided with a programmable ROM. 
(Page 4, paragraph 52, "In one embodiment, the original software used with the smart card is already 
factory programmed during manufacturing into a programmable Read Only Memory (ROM) area of the 
token device"). 

As per claim 4, Hoornaert discloses: 

- The device of Claim 3, wherein said programmable ROM is EEPROM. (Page 7, paragraph 99, 
" The storage medium can include, but is not limited to, EEPROMs"). 

As per claim 5, Hoornaert discloses: 

- The device of Claim 3, further comprising an auxiliary memory for storing user credentials 
(Page 2, paragraph 19, "receiving at said generic smart card reader a user smart card having stored 
thereon a user identification data"). 

- a controller for interfacing with external hardware, the main memory, the smart card and 
the processor. (Page 5, paragraph 57, "The different elements of the token device can be divided into 3 
interface levels: the interface with the user, the interface with external devices such as a connected 
PC, and the interface with the smart card 1 ). Further Hoornaert disclosed, (page 1 , paragraph 8, "Smart 
cards often contain their data stored by means of magnetic storage (a "swipe strip" or "mag stripe") or in a 
read-only memory (ROM) or random access memory (RAM), and usually include either a central 
processing unit (CPU) or a stored set of instruction in order to provide some degree of intelligence"). 

As per claim 7, Hoornaert discloses: 

- The device of Claim 1 , further comprising a display screen associated with the processor. 
(Page 5, paragraph 59, "In one embodiment of the smart card terminal/token device, the user interface 
has two elements, a display and a keypad"). 
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As per claim 8, Hoornaert discloses: 

- The device of Claim 7, wherein/ said processor controls operation of the display screen 
for displaying a passcode for a predetermined period of time and for de-activating the display 
screen upon passage of the predetermined period of time. (Page 6, paragraph 69, "An internal clock 
160 is required for token device time-dependent application such as time-based password, time 
based signature etc"). In addition Hoornaert disclosed, (Page 5, paragraph 59, "In one embodiment of 
the smart card terminal/token device, the user interface has two elements, a display and a keypad"). 
Time-based password inherently indicates that de-activating the screen upon passage of the 
predetermined period of time. 

As per claim 9, Hoornaert discloses: 

- The device of Claim 1, wherein said processor is operationally connected to a control button 
for activating the processor and generating the passcode upon demand. (Page 7, paragraph 92, "In 
this security mode the token device random generator generates a one time "historical" secret that is 
displayed (step 196)"). In addition Hoornaert disclosed, (page 7, paragraph 96, "the token device is 
initialized each time the smart card is introduced ) and (page, paragraph 38, "A particular user 124 
receives one of the smart card terminal, and inserts their own personal smart card 126 into the 
terminal to create a personalized electronic token 126/128 ). Where a particular user inserts his/her 
smart card, inherently indicate that generating the pass code upon demand. 

As per claim 1 0, Hoornaert discloses: 

- The device of Claim 1 , wherein said communications controller uses a USB interfaces. 
(Page 5, paragraph 62, U A universal serial bus (USB) connection is optionally available for interface 
with a personal computer (PC)"). 



As per claim 12, Hoornaert discloses: 
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- The device of Claim 1 , wherein said independent power source is a replaceable battery. 
(Page 4, paragraph 47, "When the voltage level drops under a predefined level, the token device enters a 
battery fail phase, and signals a "battery low" warning. The battery must then be replaced in order to 
keep the RAM contents intact"). 

As per claim 13, the rejection of claim 1 is incorporated and further Hoornaert discloses: 

- a non-volatile storage memory coupled to a controller for providing an interface of the 
processor to the external protected resource; (page 4, paragraph 45, "In the initial programming 
phase, the token device is shipped to the system owner. As shipped, it contains all required parameters 
for the system owner in a built-in read only memory (ROM)") and (Page 5, paragraph 57, "The different 
elements of the token device can be divided into 3 interface levels: the interface with the user, the 
interface with external devices such as a connected PC, and the interface with the smart card ). 
Where ROM is known as a non-volatile storage memory. 

- a smart card operationally connected to the controller for providing encryption and decryption 
functions and enabling identity management of the user. (Page 6, paragraph 78, "In some embodiments 
the token device supports Data Encryption Standard (DES) and triple DES. In some embodiments, the 
token device also supports the PKA mechanism to unlock a secret that resides in encrypted mode on a 
PC") and (Page 6, paragraph 78, "using a smart card containing private keys and digital certificates 
on the smart card to transfer these keys and certificates to the application in the PC"). 

Claim 14 is rejected under the same reason set forth in rejection of claim 3: 
Claim 15 is rejected under the same reason set forth in rejection of claim 4: 
Claim 16 is rejected under the same reason set forth in rejection of claims 1, 8 and 9: 
Claim 17 is rejected under the same reason set forth in rejection of claim 8: 
Claim 18 is rejected under the same reason set forth in rejection of claims 8 and 9: 
Claim 19 is rejected under the same reason sef forth in rejection of claim 10: 
Claim 21 is rejected under the same reason set forth in rejection of claim 12: 
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Claim Rejections -35 USC §103 

8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 

rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 1 02 of this title, if the differences between the subject matter sought to be patented and the prior art 
are such that the subject matter as a whole would have been obvious at the time the invention was made to 
a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

9. Claims 6, 1 1 and 20 are rejected under 35 U.S.C. 103(a) as being unpatentable over Hoornaert 
as applied to claims 1-5, 7-10, 12-19 and 21 above, and further in view of Mok et al, US Pub. 
2003/0097586. 

As per claim 6, Hoornaert discloses: 

- The device of Claim 1 , wherein said processor controls operation of the device between an 
active mode, a standby mode and an "off" mode. (Page 5, paragraph 60, The ON/OFF key should be 
protected against an accidental, continuous ON state during transport. This helps to prevent unnecessary 
battery drain"). Where the active mode can be an on mode. 

Hoornaert dose not explicitly discloses, a standby mode. On the other hand, on the same field of 
endeavor, Mok teaches the above limitation as, (page 5, paragraph89, "the process flow of an integrated 
motion detector and transponder reader is shown. The process flow is similar to FIG. 7 except that the 
ctewce is in standby mode until activated by the motion detector identifying a moving object"). According 
to Mok, (page 1, paragraph 24, "Advantageously, the card reader/writer is integrated with an 
identification authentication device so as to authenticate the identity of a carrier of the transponder prior 
to writing a replacement unique identifier to the transponder of the carrier ") 

Therefore, it would have been obvious to one of ordinary skill in the art, at the time of the 
invention was made, to modify the teaching of Hoornaert and include the standby mode using the 
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teaching of Mok. The modification would be obvious because one of ordinary skill in the art would be 
motivated to add a standby mode to the system having a power source in order to save a power drain. 

As per claim 1 1 , hoornaert discloses: 

- The device of Claim 1, wherein said independent power source is a rechargeable battery. 
(Page 6, paragraph 70, "In non-connected mode the token device works by getting power from the 
internal batteries 758"). 

Hoornaert dose not explicitly discloses, the battery is a rechargeable battery. On the other hand, 
on the same field of endeavor, Mok teaches the above limitation as, (page 3, paragraph 65, "the portable 
reader 31 is provided with a cellular transmission reception capability to enable communication with the 
security processor. The cellular transmissions/reception capability also allows the portable reader to be 
used as a cellular telephone to communication with other portable readers or third parties. Preferably, the 
portable reader is provided with a rechargeable battery power source and an interactive touch screen 
display"). 

Therefore, it would have been obvious to one of ordinary skill in the art, at the time of the 
invention was made, to modify the teaching of Hoornaert and include the rechargeable battery using the 
teaching of Mok. The modification would be ovious because one of ordinary skill in the art would be 
motivated to add a rechargeable battery to the system having a power source in order to save the cost of 
replacing battery. 

Claim 21 is rejected under the same reason set forth in rejection of claim 11: 

Conclusion 

10. The prior art made or record and not relied upon is considered pertinent to applicant's disclosure. 
TITLE: Methods and apparatus for awarding prizes based on authentication of computer generated 
outcomes using coupons, US Pub. No 2003/0177347. 

TITLE: System and method for security of computing devices, US Pub. No. 2003/0037237. 
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TITLE: Universal positive pay match, authentication, authorization, settlement and clearing system, US 
Pub. No. 2002/0052852. 

TITLE: Portable authentication device and method using iris patterns, US 6,532,298. 

Any inquiry concerning this communication or earlier communications from the examiner should 
be directed to Teshome Hailu whose telephone number is (571 ) 270-31 59. The examiner can normally 
be reached on Mon-Fri 7:30a.m. to 5:00p.m. PST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Chamili Das can be reached on (571) 272-3696. The fax phone number for the organization where this 
application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be obtained from 
either Private PAIR or Public PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) 
at 866-21 7-91 97 (toll-free). If you would like assistance from a USPTO Customer Service Representative 
or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272- 
1000. 

Teshome Hailu 



Patent Examiner 




TH 



CHAMELI DAS 
SUPERVISORY PATENT EXAMINER 



